mirror of
https://github.com/PartialVolume/shredos.x86_64.git
synced 2026-02-20 09:35:26 +00:00
47 lines
1.5 KiB
Diff
47 lines
1.5 KiB
Diff
From 4b8809cca4bbcbf9514314d86227f985362258b0 Mon Sep 17 00:00:00 2001
|
|
From: Patrick Griffis <pgriffis@igalia.com>
|
|
Date: Wed, 12 Feb 2025 11:30:02 -0600
|
|
Subject: [PATCH] headers: Handle parsing only newlines
|
|
|
|
Closes #404
|
|
Closes #407
|
|
|
|
CVE: CVE-2025-32906
|
|
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/af5b9a4a3945c52b940d5ac181ef51bb12011f1f]
|
|
|
|
Upstream: https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2025-32906.patch
|
|
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
|
|
[Titouan: Remove changes on test files]
|
|
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
|
|
---
|
|
libsoup/soup-headers.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c
|
|
index e5d3c03..87bb3dc 100644
|
|
--- a/libsoup/soup-headers.c
|
|
+++ b/libsoup/soup-headers.c
|
|
@@ -185,7 +185,7 @@ soup_headers_parse_request (const char *str,
|
|
/* RFC 2616 4.1 "servers SHOULD ignore any empty line(s)
|
|
* received where a Request-Line is expected."
|
|
*/
|
|
- while ((*str == '\r' || *str == '\n') && len > 0) {
|
|
+ while (len > 0 && (*str == '\r' || *str == '\n')) {
|
|
str++;
|
|
len--;
|
|
}
|
|
@@ -369,7 +369,7 @@ soup_headers_parse_response (const char *str,
|
|
* after a response, which we then see prepended to the next
|
|
* response on that connection.
|
|
*/
|
|
- while ((*str == '\r' || *str == '\n') && len > 0) {
|
|
+ while (len > 0 && (*str == '\r' || *str == '\n')) {
|
|
str++;
|
|
len--;
|
|
}
|
|
|
|
--
|
|
2.34.1
|
|
|